diff --git a/src/intTest/kotlin/mastodon/account/AccountApiTest.kt b/src/intTest/kotlin/mastodon/account/AccountApiTest.kt
index 666d3d57..189d5834 100644
--- a/src/intTest/kotlin/mastodon/account/AccountApiTest.kt
+++ b/src/intTest/kotlin/mastodon/account/AccountApiTest.kt
@@ -424,6 +424,23 @@ class AccountApiTest {
 .andExpect { status { isUnauthorized() } }
 }
+ @Test
+ fun `apiV1AccountsIdStatusesGet read権限で取得できる`() {
+ mockMvc
+ .get("/api/v1/accounts/1/statuses")
+ .asyncDispatch()
+ .andExpect { status { isOk() } }
+ }
+
+ @Test
+ @WithAnonymousUser
+ fun `apiV1AccountsIdStatusesGet 匿名でもpublic投稿を取得できる`() {
+ mockMvc
+ .get("/api/v1/accounts/1/statuses")
+ .asyncDispatch()
+ .andExpect { status { isOk() } }
+ }
+
 companion object {
 @JvmStatic
 @AfterAll
diff --git a/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/security/LoginUserContextHolder.kt b/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/security/LoginUserContextHolder.kt
index e86dc2b0..1090757e 100644
--- a/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/security/LoginUserContextHolder.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/security/LoginUserContextHolder.kt
@@ -2,4 +2,6 @@ package dev.usbharu.hideout.core.infrastructure.springframework.security
 interface LoginUserContextHolder {
 fun getLoginUserId(): Long
+
+ fun getLoginUserIdOrNull(): Long?
 }
diff --git a/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/security/OAuth2JwtLoginUserContextHolder.kt b/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/security/OAuth2JwtLoginUserContextHolder.kt
index 0369fda6..2c77a9f9 100644
--- a/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/security/OAuth2JwtLoginUserContextHolder.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/security/OAuth2JwtLoginUserContextHolder.kt
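Review bot: Both added tests in AccountApiTest assert only `status { isOk() }`, so the anonymous case named `匿名でもpublic投稿を取得できる` would still pass if the endpoint returned followers-only or direct statuses to an unauthenticated caller. Since this commit makes the endpoint reachable without a login, the anonymous test should seed at least one non-public status for account 1 and assert that it is absent from the response body, with a public one asserted present. The first test is named for the read scope, but no authority setup is visible in the hunk; if the class does not apply a default authenticated user, attach the same JWT/scope setup the neighbouring tests use so the name matches what is exercised.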
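Review bot: `getLoginUserIdOrNull()` is added to `LoginUserContextHolder` without a KDoc, so nothing tells implementers or callers what `null` means. I would document it, for example `/** Returns the authenticated user's id, or null when the request carries no authenticated user; callers must treat null as an anonymous viewer. */`, and note on `getLoginUserId()` that it is meant for endpoints that require authentication. Without that contract written down, an implementation may return null for unrelated failures and callers will quietly serve the anonymous view.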
@@ -11,4 +11,13 @@ class OAuth2JwtLoginUserContextHolder : LoginUserContextHolder {
 return principal.getClaim("uid").toLong()
 }
+
+ override fun getLoginUserIdOrNull(): Long? {
+ val principal = SecurityContextHolder.getContext()?.authentication?.principal
+ if (principal !is Jwt) {
+ return null
+ }
+
+ return principal.getClaim("uid").toLongOrNull()
+ }
 }
diff --git a/src/main/kotlin/dev/usbharu/hideout/mastodon/interfaces/api/account/MastodonAccountApiController.kt b/src/main/kotlin/dev/usbharu/hideout/mastodon/interfaces/api/account/MastodonAccountApiController.kt
index 650199ad..f577f48d 100644
--- a/src/main/kotlin/dev/usbharu/hideout/mastodon/interfaces/api/account/MastodonAccountApiController.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/mastodon/interfaces/api/account/MastodonAccountApiController.kt
@@ -71,7 +71,7 @@ class MastodonAccountApiController(
 pinned: Boolean,
 tagged: String?
 ): ResponseEntity> = runBlocking {
- val userid = loginUserContextHolder.getLoginUserId()
+ val userid = loginUserContextHolder.getLoginUserIdOrNull()
 val statuses = accountApiService.accountsStatuses(
 userid = id.toLong(),
 onlyMedia = onlyMedia,
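Review bot: The new `getLoginUserIdOrNull()` in OAuth2JwtLoginUserContextHolder can still throw, and it also maps a bad token to an anonymous viewer. At `principal.getClaim("uid").toLongOrNull()` a JWT without a `uid` claim yields a null platform-typed value and the extension call would fail on it, while a non-numeric `uid` returns null and the request proceeds as unauthenticated. Reading the claim with `principal.getClaimAsString("uid")?.toLongOrNull()` removes the null dereference and also copes with a claim stored as a number. Consider rejecting a validated JWT whose `uid` is missing or malformed rather than downgrading it, so that null is returned only from the `principal !is Jwt` branch.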
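Review bot: In MastodonAccountApiController the local `userid` now holds a nullable viewer id, while the named argument `userid = id.toLong()` two lines below is the target account. Two different identities therefore share one name right where the visibility decision is made. Renaming the local, e.g. `val loginUserId = loginUserContextHolder.getLoginUserIdOrNull()`, makes it harder to pass the wrong one. The rest of the `accountsStatuses(...)` call lies outside the hunk, so how a null viewer is handled is not visible here; for that case the service should return only statuses that are visible to anonymous users.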